Hi Everyone,
I've flashed Tomato on an ASUS AC66U and all is working well. I've created a few bridges and set the cabling so that all internet traffic is routed through this router to the Bell modem. What I'm trying to do now is set the configuration so that only certain VLANs or bridges are routed through the VPN. I have the VPN up and running, but I only want certain hosts going through it; the rest of the traffic I'd like to pass through directly to the internet. Currently it routes all traffic. Is there a way to do this?

I have something running like that on my Asus RT-N16. It took me a lot of searching to find the solution and has been running very nicely.

I presume that you have the VPN set up and running on the Asus router already.

In the Advanced tab for your OpenVPN client, ensure "Redirect Internet traffic" is unchecked or all traffic not going through the VPN will go down the sink. Also ensure that "Start with WAN" is checked in Basic settings.

In the "Administration" section look for "Scripts" and then "WAN Up". The WAN Up script runs when the WAN comes up and the VPN should come up at the same time. I have the following script in mine which shows examples that you can use to fine tune your own setup:

#!/bin/sh
# This code goes in the WAN UP section of the Tomato GUI.
#
# This script configures "selective" VPN routing. Normally Tomato will route ALL traffic out
# the OpenVPN tunnel. These changes to iptables allow some outbound traffic to use the VPN, and some

I'm trying to get something similar up but using VLANs instead. For instance, I would like to have the first 2 hard-wire ports of my Asus RT-N66U go through the VPN and all clients of a particular virtual wireless access point go through the VPN. In my case, this would allow my 2 SAMSUNG TVs to go through the VPN permanently over RJ-45 and access Netflix. It would also allow my iPad to be able to use Netflix when I switch over to the VPN virtual wireless and go through my normal WAN gateway for all other stuff.

I have the two default access points set up as myhome24 and myhome50. In the VLAN part of tomatousb, I have added a new bridge, br1 (LAN1). A virtual wireless interface, wl0.1, has been created and is bridged to br1 (VLAN id 3, Bridge LAN1). This wireless SSID is named myhomevpn.

Following your guidelines above, if I want every client that connects to myhomevpn to go through the VPN, would this do the job?

Referencing the 2nd post in this thread, it appears that some of the code in the original unedited post is missing. Is there any way to retrieve this? I'm looking for this exact solution, and after hours of research haven't found it anywhere else. Thanks
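One way to do the selective routing discussed in this thread, applied to the br1 bridge from the third post. This is an added example, not part of any post here and not the missing original script. The names tun11 (OpenVPN client interface) and vlan2 (WAN interface), routing table 200 and mark 1 are assumptions to check against your own router.

```shell
#!/bin/sh
# Added example: selective VPN routing for one bridge (policy routing by fwmark).
# Assumptions: br1 = bridge to tunnel, tun11 = OpenVPN client interface,
# vlan2 = WAN interface, table 200 / mark 1 = unused values. Check yours with
# `ifconfig` and `ip rule` before use.

# Accept only plain interface names and numbers, because the generated
# commands are meant to be piped into sh.
valid_if()  { case "$1" in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac; }
valid_num() { case "$1" in ''|*[!0-9]*) return 1 ;; esac; }

# vpn_policy_rules BRIDGE TUN WAN TABLE MARK
# Prints the commands; nothing changes until the output is executed.
vpn_policy_rules() {
    br=$1 tun=$2 wan=$3 tbl=$4 mark=$5
    valid_if "$br" && valid_if "$tun" && valid_if "$wan" || return 1
    valid_num "$tbl" && valid_num "$mark" || return 1
    cat <<EOF
# Remove earlier copies so repeated WAN Up runs do not stack rules.
iptables -t mangle -D PREROUTING -i $br -j MARK --set-mark $mark 2>/dev/null
iptables -D FORWARD -i $br -o $wan -j REJECT 2>/dev/null
ip rule del fwmark $mark table $tbl 2>/dev/null
ip route flush table $tbl 2>/dev/null
# Dedicated table whose only default route is the tunnel.
ip route add default dev $tun table $tbl
# Packets arriving on the bridge are marked; marked packets use that table.
iptables -t mangle -A PREROUTING -i $br -j MARK --set-mark $mark
ip rule add fwmark $mark table $tbl
# Leak guard: if the tunnel is down, bridge traffic must not exit via WAN.
iptables -I FORWARD -i $br -o $wan -j REJECT
# Replies arrive on the tunnel while the main table points at WAN, so
# strict reverse-path filtering on the tunnel would drop them.
echo 0 > /proc/sys/net/ipv4/conf/$tun/rp_filter
ip route flush cache
EOF
}

# Dry run with the constructed values above: prints the rules only.
vpn_policy_rules br1 tun11 vlan2 200 1
```

On the router, the output would be piped into sh from the WAN Up script once the tunnel interface exists. NAT on the tunnel is assumed to be handled by the OpenVPN client's own settings.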